Services: Monitoring and Logging. 9/16/2018 IST346: Info Tech Management & Administration 1

Similar documents
Cloud Services. Introduction

As you learned in Chapter 1, the architectural variations you can construct using

Cisco Configuration Engine 2.0

Deploy. A step-by-step guide to successfully deploying your new app with the FileMaker Platform

User Manual Avira SMC Security Management Center More Than Security

Getting started with System Center Essentials 2007

CMPE 150/L : Introduction to Computer Networks. Chen Qian Computer Engineering UCSC Baskin Engineering Lecture 4

Chapter 2 Application Layer. Lecture 4: principles of network applications. Computer Networking: A Top Down Approach

IOPStor: Storage Made Easy. Key Business Features. Key Business Solutions. IOPStor IOP5BI50T Network Attached Storage (NAS) Page 1 of 5

The Balabit s Privileged Session Management 5 F5 Azure Reference Guide

Adding Groups to Groups

Introduction to TCP/IP

NetAlly. Application Advisor. Distributed Sites and Applications. Monitor and troubleshoot end user application experience.

Etanova Enterprise Solutions

Technical Overview. Access control lists define the users, groups, and roles that can access content as well as the operations that can be performed.

EventSentry Quickstart Guide

CMSC 322 Computer Networks Applications and End-To- End

QRM+ Tutorials. QNAP s Remote Server Management Solution. rev

Scale-out Storage Solution and Challenges Mahadev Gaonkar igate

70-414: Implementing an Advanced Server Infrastructure Course 01 - Creating the Virtualization Infrastructure

Designing an Exchange 2000/2003 Routing Group Connector Topology

Delivers cost savings, high definition display, and supercharged sharing

CCNA Exploration Network Fundamentals. Chapter 03 Application Functionality and Protocols

Introduction to the Application Layer. Computer Networks Term B14

Nimsoft Cloud User Experience

Automated system and service monitoring with openqrm and Nagios

Deploy the ExtraHop Discover Appliance 1100

Application Guide. Connection Broker. Advanced Connection and Capacity Management For Hybrid Clouds

StreamSets Control Hub Installation Guide

System Requirements. v7.5. May 10, For the most recent version of this document, visit kcura's Documentation Site.

Remote power and console management in large datacenters

Deploy. Your step-by-step guide to successfully deploy an app with FileMaker Platform

Security in Bomgar Remote Support

P a g e 1. Teknologisk Institut. Online kursus k SysAdmin & DevOps Collection

(5) Affiliation (10) XML (15) Web Augmentation (20) Gateways. (4) Kernel (9) ES test (14) SSL. (1) Portal (6) EDI (11) Web Directories (16) W3C

Virtual Server Service

VMware AirWatch Content Gateway for Linux. VMware Workspace ONE UEM 1811 Unified Access Gateway

Reference Architecture

Alliance Key Manager A Solution Brief for Partners & Integrators

Lotus Protector for Mail Security

Linux Administration

ELEC / COMP 177 Fall Some slides from Kurose and Ross, Computer Networking, 5 th Edition

Storage Manager 2018 R1. Installation Guide

DHIS2 Hosting Proposal

NetIQ Privileged Account Manager 3.5 includes new features, improves usability and resolves several previous issues.

Echidna Concepts Guide

Cisco Passguide Exam Questions & Answers

VMware AirWatch Content Gateway Guide for Linux For Linux

Reference Architecture. Modified on 17 AUG 2017 vrealize Operations Manager 6.6

CSC 4900 Computer Networks: End-to-End Design

WEB DESIGN & DEVELOPMENT

What s New (v4.0 to v5.0) Thinware vbackup 5.0.0

Security in the Privileged Remote Access Appliance

CS 470 Spring Distributed Web and File Systems. Mike Lam, Professor. Content taken from the following:

Web Hosting. Important features to consider

inforouter V8.0 Implementation Guide Active Innovations, Inc. A Document Management Company

IT Service Delivery and Support Week Three. IT Auditing and Cyber Security Fall 2016 Instructor: Liang Yao

SOFTWARE ARCHITECTURE SUMMARY. Tatsuya Hagino

Preinstallation Requirements Guide

IBM SecureWay On-Demand Server Version 2.0

Part 1 : Getting Familiar with Linux. Hours. Part II : Administering Red Hat Enterprise Linux

Technical Brief. Network Port & Routing Requirements Active Circle 4.5 May Page 1 sur 15

Symantec Security Information Manager FIPS Operational Mode Guide

Review of Previous Lecture

COPYRIGHTED MATERIAL. Introducing VMware Infrastructure 3. Chapter 1

SynapSense Software. Installation Manual. Release 7.1 Issue 1

Deploy the ExtraHop Discover 3100, 6100, 8100, or 9100 Appliances

Out-of-band that actually works.

CS 470 Spring Distributed Web and File Systems. Mike Lam, Professor. Content taken from the following:

Monitoring your Network with Linux. WAVV 2005 Richard Smrcina VM Assist, Inc. May 23, 2005

Web Mechanisms. Draft: 2/23/13 6:54 PM 2013 Christopher Vickery

CUSTOMER CONTROL PANEL... 2 DASHBOARD... 3 HOSTING &

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation

Mac OS X Server Web Technologies Administration. For Version 10.3 or Later

Proactive Performance Monitoring for Citrix XenApp & XenDesktop

Telemote - A Next Generation Secure Systems Administration Platform

VMware vrealize Log Insight Getting Started Guide

Introduction to SQL 2000: Installation and Implementation. SQL Server Administration suite: course 1 of 4

Protocol Layers, Security Sec: Application Layer: Sec 2.1 Prof Lina Battestilli Fall 2017

HOW TO PLAN & EXECUTE A SUCCESSFUL CLOUD MIGRATION

Sentinet for BizTalk Server SENTINET

Chapter 2. Application Layer. Chapter 2: Application Layer. Application layer - Overview. Some network apps. Creating a network appication

Deploy the ExtraHop Discover Appliance in Azure

Nubo on premise POC requirements for VMWare ESXi

Transport Gateway Installation / Registration / Configuration

DELL POWERVAULT MD FAMILY MODULAR STORAGE THE DELL POWERVAULT MD STORAGE FAMILY

VMware AirWatch Content Gateway for Windows. VMware Workspace ONE UEM 1811 Unified Access Gateway

Polarion Enterprise Setup 17.2

VMware AirWatch Content Gateway Guide for Windows

SAS SOLUTIONS ONDEMAND

Performance Monitoring and SiteScope

Performing an ObserveIT Upgrade Using the Interactive Installer

Setting Up the Server

Administering vrealize Log Insight

Web Serving Architectures

Getting Started. April 12, 2018 vrealize Log Insight 4.6

BCPro Installation Instructions Code No. LIT Software Release 3.0 Issued September 2017

PROVIDING YOU LOG INFRASTRUCTURE LOG COLLECTION SOLUTIONS TO BUILD A SECURE, FLEXIBLE AND RELIABLE

Cisco Configuration Engine 3.5

Acronis Monitoring Service

Transcription:

Services: Monitoring and Logging 9/16/2018 IST346: Info Tech Management & Administration 1

Recall: Server vs. Service A server is a computer. A service is an offering provided by server(s). HTTP 9/16/2018 IST346: Info Tech Management & Administration 2

Services Unify a set of workstations into a distributed computing environment, since they share common resources. Typical environments have several services, and services often depend on other services. Some services are simple, and have no interaction s on the user s part. (network time, or NTP for example) It is best to think about any given service in terms of its components and interdependencies. 9/16/2018 IST346: Info Tech Management & Administration 3

Components: An Anatomy of a service Rules for accessing or extending the service beyond the components Protocols Instructions for transferring data to/from client/server (transport mechanism) APIs Components Client and Server software part of the application or service interaction 9/16/2018 IST346: Info Tech Management & Administration 4

Example of a service anatomy: Wordpress Protocols HTTP, WebDAV, SMTP APIs XML-RPC Atom RSS Components Web Browsers Apache Web Server PHP Scripting MySQL Database 9/16/2018 IST346: Info Tech Management & Administration 5

Service Dependencies Services at the application level depend on lowerlevel services for their operation. Application Network Core/Infrastructure Complex interface, several protocols. Basic interface with underlying protocol. Essential to all other services. Minimal interface. 9/16/2018 IST346: Info Tech Management & Administration 6

Service Dependencies: Example Application HTTP, SMTP Network DNS, DHCP, LDAP Core Infrastructure 9/16/2018 IST346: Info Tech Management & Administration 7

Services every IT professional should know Core NTP Network time protocol. Keeps the clocks in sync on several hosts DNS Domain name system a method of IP address to host name resolution. DHCP Dynamic Host configuration Protocol a method of assigning IP information over the network. LDAP Lightweight Directory Access Protocol a hierarchal database of directory information (users, groups, organizations, etc) Kerberos A network authentication protocol, used for securely evaluating identities over a network 9/16/2018 IST346: Info Tech Management & Administration 8

Services every IT professional should know Network HTTP Hypertext transport protocol. The application protocol for the WWW SSL Secure Sockets Layer an encrypted channel for HTTP traffic SSH / SCP Secure Shell, Secure Copy. Unix/Linux remote shell and remote file copy protocols. NFS Network File System File sharing for unix-like computers. RDP Remote Desktop protocol. A proprietary protocol for accessing Windows hosts over a network. SMTP Simple Mail Transport Service. Mail routing protocol. OAuth2 for account authentication and authorization. 9/16/2018 IST346: Info Tech Management & Administration 9

Providing a Service Any service you provide must be: Defined Reliable Scalable Monitored Maintained Supported 1 2 3 4 5 6 9/16/2018 IST346: Info Tech Management & Administration 10

Defining your Service Customers are the reason for your service How will they use it? What features do they need? Want? How critical is this service? What are the required levels of availability and support? Formulate a SLA (Service Level Agreement) This will define the service being offered Clarify the expectations for support levels and response time Defined 1 9/16/2018 IST346: Info Tech Management & Administration 11

Service Reliability Keep it simple Simple systems are more reliable and easier to maintain Make the trade-off between features and reliability Use reliable hardware, of course! Reliable 2 Take advantage of vendor relationships Have them provide recommendations (they should be the experts!) Let multiple vendors compete for your business Choose a vendor based on not only features but the stability of their company and product 9/16/2018 IST346: Info Tech Management & Administration 12

More Reliability Reliable Use Open Architecture: Open protocol standards and file formats RFC s from the IETF http://www.rfc-editor.org Pros Bigger selection of products and vendors to choose from Decoupled client and server selection Avoids being locked in to a specific platform or vendor Con Sometimes open standards don t go far enough Google-Worthy Service-Oriented Architecture is changing the game a bit, as most services are gravitating towards interoperability (working with each other) 2 9/16/2018 IST346: Info Tech Management & Administration 13

Last Slide on Reliability Any service should have 3 environments Usually, each environment is on separate hardware Reliable 2 Primary Environment for the Service Prod Dev Where you build out new features for the service / upgrades Test Mirror image of prod environment for testing purposes 9/16/2018 IST346: Info Tech Management & Administration 14

Scalability Scalable Scalability A service s ability to grow with its demand. Helps maintain performance levels. You should try to plan for scalability when designing your service. Two types of scalability: Vertical (scale up) Increasing the size of the node. Eg. add more RAM or an extra CPU to a server, buy a bigger washing machine, Horizontal (scale out) Adding more nodes to the service. Eg. purchase three more servers and balance their load, buy another washing machine, but keep your old one. 3 9/16/2018 IST346: Info Tech Management & Administration 15

Scalability: H vs. V Scalable 3 Vertical Scalability: Before After Load Balancer Horizontal Scalability: Before After After After 9/16/2018 IST346: Info Tech Management & Administration 16

Scaling your Laundry You ve got more laundry than your current washing machine can handle!! Scalable 3 Vertical Horizontal Use a bigger, faster washing machine Use more than one washing machine 9/16/2018 IST346: Info Tech Management & Administration 17

Service Monitoring Layered Monitoring: PPS! 1. Ping: Monitor the host 2. Port: Monitor the port for the service 3. Service: Connect to the port; verify the response Monitored 4 A Monitoring agent should send an alert to the IT team when things aren t right. What, When, Where Without adequate monitoring you cannot offer good service! 9/16/2018 IST346: Info Tech Management & Administration 18

Monitoring and Logging Monitored 4 Service Monitoring Observing service activity in real-time This is done by a computer, not a human. Important events are passed on to a human (notification). Service Logging Keeping historical records of service activity This data grows over time and can become quite large. Only referred to when needed to troubleshoot a problem or trace down a security incident. 9/16/2018 IST346: Info Tech Management & Administration 19

Why Bother? Monitored 4 Why do we Monitor? To detect / identify problems quickly. Ideally you want to know about it before your users do. To determine if resources are being constrained or over utilized. Why do we Log? Help get to the root cause of an issue or incident. Help us predict problem and avoid them. Provide historical data or trends for service usage. Report on service activity. If you re not measuring it you aren t managing it 9/16/2018 IST346: Info Tech Management & Administration 20

How Monitoring and Logging Work Server Log Network Activity Service External Service Monitor Internal Service Monitor Event Event 9/16/2018 IST346: Info Tech Management & Administration 21 SA

Example: Simple Web Service Monitoring Linux Host: web.syr.edu Network Activity Apache HTTPD access_log nmap web.syr.edu ps aux grep httpd Event: Port unavailable Event: Service stopped 9/16/2018 IST346: Info Tech Management & Administration 22

Example: Email Service Monitoring Exchange email Network Activity Web mail service http access_logs SCOM testmailflow.ps1script Windows IIS web service monitor Event: Port unavailable Event: Service stopped 9/16/2018 IST346: Info Tech Management & Administration 23

What to Monitor, what to Log? Monitored 4 Monitor for a condition. Send alert when the condition is met. Log the condition whether it sends an alert or not. Examples: (Why would you monitor/log these?) CPU utilization stays at 100% for X minutes. Free disk space drops below 10%. Port does not respond for 1500 ms HTTP request take more than 5 sec to get response. 9/16/2018 IST346: Info Tech Management & Administration 24

Better Monitoring Monitored Normal Normal: When a service fails you send an alert. Proactive Monitoring Proactive: When a service show signs it is about to fail you send an alert. (100% cpu, Long responses, etc.) Automated Responses Normal: When a service fails you send an alert. Automated: When the service fails, you attempt to restart it. If the restart fails, you send an alert. PM and AR are difficult and time-consuming to implement, but are time savers for difficult problems with no permanent fix. A layered approach is always better. 4 9/16/2018 IST346: Info Tech Management & Administration 25

Alerts! Monitored Types: Email TXT message SMS Page Automated dialer calls phone. Pick the appropriate Alert for the appropriate Event and time. Don t send email when you re not going to check it! In a layered approach, you might send an email, and if the problem persists send a TXT, etc 4 9/16/2018 IST346: Info Tech Management & Administration 26

Logging Monitored Log files get very large since they record all activity. Log file rotation service points to a different log file after a specified interval. Lets you backup log files Keeps the size of the files manageable. Log files are text and they compress nicely. How long do you keep logs? Depends on service, depends on your policy It s not a decision the SA should make. Ship logs to a Big Data system like Hadoop or ElastiSearch Like an insurance policy. Not very useful until the off chance that you need it... then you re glad you have it! 4 9/16/2018 IST346: Info Tech Management & Administration 27

Service Maintenance Maintained 5 Yes, there will come a time when you will need to deny service. (Make it unavailable.) Upgrades to hardware / OS / Service itself Plan and advertise your service outages so your users can plan accordingly. Make sure your outage complies with your TOS. 9/16/2018 IST346: Info Tech Management & Administration 28

Supporting your service After your service is up and running, but before rolling it out you should: Supported 6 Document how the service should be used and maintained by your IT staff Train your IT staff how to support the new service Train the users, if required Build out self-help support for the service to reduce calls to the helpdesk. Don t forget to advertise the new service to your users. Roll it out using One Some - Many so you can get a handle of any unforeseen issues. 9/16/2018 IST346: Info Tech Management & Administration 29

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback